Commit Graph

856 Commits

Author SHA1 Message Date
Miroslav Stampar
ab67344448 Removed unused imports and variables (pyflake-ing) 2012-12-06 11:15:05 +01:00
Miroslav Stampar
0f191f624c Taking some goodies from Pull request #284 2012-12-06 10:21:53 +01:00
Miroslav Stampar
775e0df04b Update for an Issue #278 2012-12-05 10:45:17 +01:00
Miroslav Stampar
d4b5133df7 Update for an Issue #272 2012-12-04 17:04:32 +01:00
Miroslav Stampar
b250b68231 Bug fix (--users was returning only 1 value because of this bug; probably introduced by mistake months ago) 2012-11-29 12:02:59 +01:00
Miroslav Stampar
ed40f18796 Minor fix 2012-11-26 14:59:44 +01:00
Miroslav Stampar
c1b8226329 Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery) 2012-10-28 00:36:09 +02:00
Miroslav Stampar
a435ba6863 Minor fix 2012-10-28 00:19:00 +02:00
Miroslav Stampar
0aeb9dbe8b Bug fix (in --dump mode if error/inband failed with None other techniques were ignored) 2012-10-27 23:42:52 +02:00
Miroslav Stampar
06805b27f2 Bug fix (time was also meant to be disabled in case of error/inband getvalues) 2012-10-27 23:16:25 +02:00
Miroslav Stampar
ba55bed008 More general approach for PostgreSQL concatenation operator precedence problem (Issue #219) 2012-10-25 10:41:16 +02:00
Miroslav Stampar
54fbb22ab8 Minor refactoring 2012-10-25 09:56:36 +02:00
Miroslav Stampar
c2058dfc8f Fix for an Issue #220 2012-10-25 09:42:43 +02:00
Miroslav Stampar
b7429dc6bb Minor fix for an Issue #219 2012-10-25 00:15:59 +02:00
Miroslav Stampar
c0f57f4e90 Minor fix for an Issue #217 2012-10-24 23:43:28 +02:00
Miroslav Stampar
344ef9af7d Language fix (in lots of cases wrong statement 'unable to retrieve columns for any table in database' was reported) 2012-10-24 23:38:35 +02:00
Miroslav Stampar
5477c9f7ba Fix for an Issue #216 2012-10-24 22:59:46 +02:00
Miroslav Stampar
6e2fce66aa Patch for an Issue #212 2012-10-23 15:34:59 +02:00
Miroslav Stampar
f25f5c9eeb Minor fix 2012-10-23 10:33:30 +02:00
Miroslav Stampar
3f596cda85 Minor fix for --dump --technique=B when empty strings are returned 2012-10-22 11:49:23 +02:00
Miroslav Stampar
fb1497aa89 Minor update for Issue #209 2012-10-21 18:53:31 +02:00
Miroslav Stampar
ebe3f4c34c Minor fix 2012-10-15 18:51:42 +02:00
Miroslav Stampar
91ea8e52b7 Minor patch for an Issue #201 2012-10-15 18:01:52 +02:00
Miroslav Stampar
e440b096c5 Fix for an Issue #202 2012-10-15 12:24:30 +02:00
Miroslav Stampar
ed2d163269 Fix for an Issue #201 2012-10-14 17:53:55 +02:00
Miroslav Stampar
f71b937add Minor language cleanup 2012-10-04 18:28:36 +02:00
Miroslav Stampar
75990b715d Fix for an Issue #184 2012-09-13 10:20:24 +02:00
Miroslav Stampar
959225af55 Minor fix 2012-09-10 19:28:15 +02:00
Miroslav Stampar
5c21395fe2 Minor update for an Issue #179 2012-09-10 19:26:51 +02:00
Miroslav Stampar
1f49e4ae36 Fix for an Issue #179 2012-09-10 19:23:24 +02:00
Miroslav Stampar
9a631331a5 Fix for an Issue #177 2012-09-08 20:22:13 +02:00
Miroslav Stampar
f26ea04e38 Fix for an Issue #175 2012-09-07 17:06:38 +02:00
Miroslav Stampar
1bcf5a6b88 Some more dict refactorings 2012-08-21 11:30:01 +02:00
Miroslav Stampar
01f481c332 Minor refactoring of dictionaries 2012-08-21 11:19:15 +02:00
Miroslav Stampar
4649450603 Fix for an Issue #137 2012-08-16 22:20:24 +02:00
Miroslav Stampar
74ee0ce78a Fix for an Issue #148 2012-08-14 23:25:12 +02:00
Miroslav Stampar
b78163f99b Update for Issue #138 2012-08-08 19:06:47 +02:00
Miroslav Stampar
20a66567a3 Minor refactoring 2012-07-30 10:06:14 +02:00
Miroslav Stampar
ffc520b35f Minor refactoring 2012-07-24 14:35:56 +02:00
Miroslav Stampar
95e0d46e3e Fix for an Issue #110 2012-07-21 09:15:54 +02:00
Bernardo Damele
34e77a8801 ported fix for issue #81 also to blind techniques 2012-07-21 00:20:32 +01:00
Bernardo Damele
3e21f3d07a fixed --search -C too on MSSQL - issue #81 2012-07-21 00:08:40 +01:00
Bernardo Damele
60242f92c5 made --search -D on MSSQL consistent with other DBMSes - issue #81 2012-07-20 23:37:56 +01:00
Bernardo Damele
7f10b01265 same fix as previous commit for blind techniques 2012-07-20 22:35:20 +01:00
Bernardo Damele
b54ae107cc major bug fix in --search with multiple -C provided 2012-07-20 22:29:48 +01:00
Bernardo Damele
45177cf93d minor restyling 2012-07-20 22:29:30 +01:00
Bernardo Damele
16668e1b8d leftover debug message 2012-07-20 21:48:29 +01:00
Bernardo Damele
b0ab837832 minor code refactoring and implemented issue #95 2012-07-20 21:46:36 +01:00
Bernardo Damele
9cb1c4c0d9 plugin refactoring - issue #22 2012-07-20 19:17:35 +01:00
Bernardo Damele
86df6037e3 reverted previous ugly hack for issue #110, perhaps a better fix is possible 2012-07-20 16:01:04 +01:00
Bernardo Damele
1928d5464d fixes issue #97 2012-07-20 15:56:14 +01:00
Bernardo Damele
52431402dd minor fix to avoid cleanup() if web backdoor upload failed 2012-07-16 17:58:30 +01:00
Miroslav Stampar
c1a14257a4 Removing --disable... switches and making changes in default choice(s) for respectable sections 2012-07-16 11:31:51 +02:00
Bernardo Damele
bb8cd788e1 minor fix 2012-07-16 09:56:41 +01:00
Miroslav Stampar
3f4186ce2c Removing duplicate user password hashes 2012-07-14 10:57:46 +02:00
Miroslav Stampar
6677da63cd Fix for an Issue #88 2012-07-13 14:25:39 +02:00
Miroslav Stampar
3c81f74823 Minor style update 2012-07-13 12:22:37 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
Miroslav Stampar
cba2a26b68 Finishing Issue #75 (inference dumping) 2012-07-12 14:46:57 +02:00
Miroslav Stampar
65639cdda6 First update for Issue #75 (error-based dumping) 2012-07-12 14:31:28 +02:00
Miroslav Stampar
3fd5119f3f Redesigning for Issue #75 2012-07-12 13:42:22 +02:00
Bernardo Damele
fed178646a minor refactoring 2012-07-12 01:48:07 +01:00
Bernardo Damele
01474f6272 proper debug message added - issue #75 2012-07-12 01:19:36 +01:00
Bernardo Damele
ee3aeb8dcf actual implementation of issue #75, still some work to do 2012-07-12 01:16:00 +01:00
Bernardo Damele
caeddf6822 avoid unescaping user provided queries (--sql-query, --sql-shell, --sql-file). Before it was only applied to --sql-file 2012-07-12 00:17:07 +01:00
Bernardo Damele
66d854c7d8 leftover space 2012-07-12 00:04:56 +01:00
Bernardo Damele
53c0336b48 added --hostname switch to retrieve DBMS server hostname - closes issue #69 2012-07-12 00:01:57 +01:00
Bernardo Damele
6f6cd676b7 clean up the file system from sqlmap created web files 2012-07-11 14:07:20 +01:00
Bernardo Damele
0c5f259481 var renaming 2012-07-11 13:39:33 +01:00
Miroslav Stampar
9c4a62f725 Some work on Issue #68 2012-07-11 11:58:47 +02:00
Miroslav Stampar
8caffac4bc conf.unescape->kb.unescape 2012-07-10 10:55:04 +02:00
Bernardo Damele
4656d23d82 increased verbosity level of some messages and removed a leftover 2012-07-10 01:43:19 +01:00
Bernardo Damele
00b7411a87 more adjustments for issue #33, of particular importance the fact that the user's provided statement from a file is never unescaped, should be ok 2012-07-10 01:39:03 +01:00
Bernardo Damele
2527554f8e more work on #33 2012-07-10 00:53:07 +01:00
Bernardo Damele
c4af7b9aa0 initial work for issue #33 2012-07-10 00:27:08 +01:00
Bernardo Damele
25eca9d671 finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue #34 2012-07-09 14:26:23 +01:00
Miroslav Stampar
86c27cc4f2 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-07-06 17:28:13 +02:00
Miroslav Stampar
e948e4d45b Some more refactoring 2012-07-06 17:18:22 +02:00
Bernardo Damele
e673033ac1 minor layout adjustment 2012-07-06 15:26:45 +01:00
Bernardo Damele
fb7fe552b7 proper naming 2012-07-06 15:13:50 +01:00
Miroslav Stampar
6a05e3fd79 Fix for Issue #61 2012-07-06 14:24:44 +02:00
Miroslav Stampar
27fdccc858 Update for Issue #55 (falling back to SELECT DB_NAME(N)) 2012-07-03 20:15:17 +02:00
Bernardo Damele
ab412da27f I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes 2012-07-01 23:25:05 +01:00
Miroslav Stampar
e51d3a02f1 Update for Issue #43 (renamed --disable-cracking to --disable-hash) 2012-06-28 18:53:47 +02:00
Miroslav Stampar
c8bac658f3 Fix for Issue #43 2012-06-28 18:47:55 +02:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
303aa10507 only a small update 2012-06-27 14:43:18 +02:00
Miroslav Stampar
06be7bbb18 few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test) 2012-06-15 20:41:53 +00:00
Miroslav Stampar
d5e80089ff minor summer cleanup 2012-06-14 13:44:16 +00:00
Miroslav Stampar
3a90105fbb minor refactoring 2012-06-14 13:38:53 +00:00
Miroslav Stampar
96177393e1 minor update regarding --exact switch 2012-06-10 13:38:12 +00:00
Miroslav Stampar
10b0639a96 making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE) 2012-06-04 09:24:46 +00:00
Miroslav Stampar
3f6bc1f3c2 minor fix 2012-05-24 18:05:33 +00:00
Miroslav Stampar
1e18168cc8 fix for one silent bug and small language update 2012-05-23 16:35:40 +00:00
Miroslav Stampar
0e8d8577a7 adding a DB2 patch from smcintyre@securestate.com 2012-05-21 08:26:19 +00:00
Miroslav Stampar
079e0e1434 minor bug fix 2012-05-18 08:51:50 +00:00
Miroslav Stampar
96299d3d5d minor refactoring 2012-05-03 22:34:18 +00:00
Miroslav Stampar
8013a64f8c minor refactoring 2012-05-01 19:57:30 +00:00
Miroslav Stampar
c71d435d9f making "id"-like columns prioritized for ORDER BY in MySQL 2012-05-01 19:52:02 +00:00
Miroslav Stampar
458a73c9b4 few consistency fixes 2012-04-29 23:09:00 +00:00